# HG changeset patch # User Nattee Niparnan # Date 2015-06-18 11:10:53 # Node ID 89e2deff986b53a01f891cf7aae4b951da3eed31 # Parent 5af12f2a9a30ed5c41c7d9fe122c9f10be3f5082 add option to disable login from multiple ip diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -2,6 +2,7 @@ protect_from_forgery SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' + MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login' def admin_authorization return false unless authenticate @@ -61,6 +62,23 @@ return true end + def authenticate_by_ip_address + #this assume that we have already authenticate normally + unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY] + user = User.find(session[:user_id]) + if (not user.admin? and user.last_ip and user.last_ip != request.remote_ip) + flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}" + redirect_to :controller => 'main', :action => 'login' + return false + end + unless user.last_ip + user.last_ip = request.remote_ip + user.save + end + end + return true + end + def authorization return false unless authenticate user = User.find(session[:user_id]) diff --git a/app/controllers/configurations_controller.rb b/app/controllers/configurations_controller.rb --- a/app/controllers/configurations_controller.rb +++ b/app/controllers/configurations_controller.rb @@ -16,6 +16,7 @@ def update @config = GraderConfiguration.find(params[:id]) + User.clear_last_login if @config.key = 'multiple_ip_login' and @config.value == 'true' and params[:grader_configuration][:value] == 'false' respond_to do |format| if @config.update_attributes(params[:grader_configuration]) format.json { head :ok } diff --git a/app/controllers/main_controller.rb b/app/controllers/main_controller.rb --- a/app/controllers/main_controller.rb +++ b/app/controllers/main_controller.rb 
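Review bot: `authenticate_by_ip_address` calls `User.find(session[:user_id])` without checking the session first, unlike `admin_authorization` and `authorization` in the same file, which both open with `return false unless authenticate`; opening the new method with that same line would stop it depending on filter order. The return value of `user.save` is ignored, so if validation fails the first address is never recorded and the method still returns true; check the result, or use `update_column(:last_ip, request.remote_ip)` where the Rails version provides it. The rejection message echoes the stored `last_ip` to whoever holds the session, which is more than a rejected client needs to see; `flash[:notice] = "You cannot use the system from #{request.remote_ip}."` would be enough. `request.remote_ip` can be derived from forwarded-for headers, so the check is only as strong as the deployment's trusted-proxy configuration, and users behind one NAT or proxy are indistinguishable.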
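Review bot: The guard added to `update` uses `@config.key = 'multiple_ip_login'`, which is an assignment rather than a comparison. It is always truthy, so `User.clear_last_login` fires for any setting changed from 'true' to 'false', and it overwrites the loaded record's key before `update_attributes` runs, which would presumably persist the renamed key. The literal also lacks the `right.` prefix used by `MULTIPLE_IP_LOGIN_CONF_KEY` and by the seed entry, so simply switching to `==` would never match. Suggested: `User.clear_last_login if @config.key == MULTIPLE_IP_LOGIN_CONF_KEY && @config.value == 'true' && params[:grader_configuration][:value] == 'false'`, assuming this controller inherits from ApplicationController so the constant resolves. The body of `update` continues outside the hunk.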
@@ -13,6 +13,8 @@ prepend_before_filter :reject_announcement_refresh_when_logged_out, :only => [:announcements] + before_filter :authenticate_by_ip_address, :only => [:list] + # COMMENTED OUT: filter in each action instead # before_filter :verify_time_limit, :only => [:submit] diff --git a/app/models/user.rb b/app/models/user.rb --- a/app/models/user.rb +++ b/app/models/user.rb @@ -307,6 +307,10 @@ end end + def self.clear_last_login + User.update_all(:last_ip => nil) + end + protected def encrypt_new_password return if password.blank? diff --git a/db/schema.rb b/db/schema.rb --- a/db/schema.rb +++ b/db/schema.rb @@ -11,16 +11,16 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20150503164846) do +ActiveRecord::Schema.define(:version => 20150618085823) do create_table "announcements", :force => true do |t| t.string "author" - t.text "body", :limit => 16777215 + t.text "body" t.boolean "published" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.boolean "frontpage", :default => false - t.boolean "contest_only", :default => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.boolean "frontpage", :default => false + t.boolean "contest_only", :default => false t.string "title" t.string "notes" end 
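Review bot: The new `before_filter :authenticate_by_ip_address` is restricted to `:only => [:list]`, so the address check guards a single action. On a mismatch the visible code redirects to login without resetting the session, so unless other filters cover them, the remaining logged-in actions stay reachable from the second address. The filter also relies on an authentication filter having already run for `list`, which this hunk does not show. If the restriction is meant for the whole logged-in area, list every action that requires a logged-in user here, and record the ordering requirement in a comment such as `# must run after the authenticate filter (reads session[:user_id])`.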
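Review bot: `clear_last_login` resets `last_ip` rather than anything login-related, and through `update_all` it does so for every row, administrators included, without validations or callbacks; none of that is evident from the name. A short comment above the method would help, e.g. `# Unbinds every user from their recorded IP; single bulk UPDATE, no callbacks.` Inside a class method the call can also be written as `update_all(:last_ip => nil)` without the `User.` receiver.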
@@ -50,19 +50,19 @@ end create_table "descriptions", :force => true do |t| - t.text "body", :limit => 16777215 + t.text "body" t.boolean "markdowned" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false end create_table "grader_configurations", :force => true do |t| t.string "key" t.string "value_type" t.string "value" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false - t.text "description", :limit => 16777215 + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false + t.text "description" end create_table "grader_processes", :force => true do |t| @@ -97,10 +97,10 @@ t.integer "sender_id" t.integer "receiver_id" t.integer "replying_message_id" - t.text "body", :limit => 16777215 + t.text "body" t.boolean "replied" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false end create_table "problems", :force => true do |t| @@ -142,7 +142,7 @@ create_table "sessions", :force => true do |t| t.string "session_id" - t.text "data", :limit => 16777215 + t.text "data" t.datetime "updated_at" end @@ -163,14 +163,14 @@ t.integer "user_id" t.integer "problem_id" t.integer "language_id" - t.text "source", :limit => 16777215 + t.text "source" t.binary "binary" t.datetime "submitted_at" t.datetime "compiled_at" - t.text "compiler_message", :limit => 16777215 + t.text "compiler_message" t.datetime "graded_at" t.integer "points" - t.text "grader_comment", :limit => 16777215 + t.text "grader_comment" t.integer "number" t.string "source_filename" t.float "max_runtime" 
@@ -191,10 +191,10 @@ create_table "test_pairs", :force => true do |t| t.integer "problem_id" - t.text "input", :limit => 2147483647 - t.text "solution", :limit => 2147483647 - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.text "input", :limit => 16777215 + t.text "solution", :limit => 16777215 + t.datetime "created_at", :null => false + t.datetime "updated_at", :null => false end create_table "test_requests", :force => true do |t| @@ -205,13 +205,13 @@ t.string "output_file_name" t.string "running_stat" t.integer "status" - t.datetime "updated_at", :null => false + t.datetime "updated_at", :null => false t.datetime "submitted_at" t.datetime "compiled_at" - t.text "compiler_message", :limit => 16777215 + t.text "compiler_message" t.datetime "graded_at" t.string "grader_comment" - t.datetime "created_at", :null => false + t.datetime "created_at", :null => false t.float "running_time" t.string "exit_status" t.integer "memory_usage" @@ -239,9 +239,9 @@ t.boolean "activated", :default => false t.datetime "created_at" t.datetime "updated_at" - t.string "section" t.boolean "enabled", :default => true t.string "remark" + t.string "last_ip" end add_index "users", ["login"], :name => "index_users_on_login", :unique => true diff --git a/db/seeds.rb b/db/seeds.rb --- a/db/seeds.rb +++ b/db/seeds.rb @@ -61,6 +61,13 @@ }, { + :key => 'right.multiple_ip_login', + :value_type => 'boolean', + :default_value => 'true', + :description => 'When change from true to false, a user can login from the first IP they logged into afterward.' + }, + + { :key => 'right.user_view_submission', :value_type => 'boolean', :default_value => 'false',